We do often include affiliate links to earn us some pennies. See more here.

This will be preaching to the choir for some readers, as you didn't exactly need another reason not to use Windows right? Microsoft's new Recall AI will take screenshots of everything you do and that sounds truly terrible. Spyware as a service, courtesy of Microsoft's push to stick AI into everything.

You might think I'm being perhaps a bit sensational here or even clickbaity, but no, this is actually genuinely what Recall does. As Microsoft said: "Recall uses Copilot+ PC advanced processing capabilities to take images of your active screen every few seconds", and not only just on their new ARM PCs, they said it will roll out to x86 platforms too via a Windows update.

What's the point? It's to give you a special timeline of your day (it stores up to 3 months worth of what you do), allowing you to go back through it and find things, highlight things, open the original application shown in pictures and eventually open up whatever you were working on in the right application with the right content at the time. Basically, some fancy-pants AI search going over everything you've done.

Microsoft do say the storage is local to your device, and is "protected using data encryption on your device" and even using BitLocker if you're on Windows 11 Pro or an enterprise Windows 11 SKU. Microsoft also claim it doesn't share it anywhere else, at all, no advertisers or Microsoft themselves. But, how far do we trust data being fed into a black-box AI that no one can really see what it's doing huh?

Here's the thing: straight from their own FAQ (scroll down) it notes how "Recall does not perform content moderation" and it will "not hide information such as passwords or financial account numbers". Oh wow, that sure sounds good for your privacy doesn't it. But don't worry it "does not take snapshots of certain kinds of content, including InPrivate web browsing sessions in Microsoft Edge" and "material protected with digital rights management (DRM)" is also protected. We can't have Netflix or Disney getting annoyed with it taking a shot of that movie you watched, nope.

I'm not even what you may call a "privacy nut". I use big-name stuff all the time, my main browser is plain ol' Google Chrome and you get the idea. But still, this is super weird.

What happens if someone else gets access to your device? Lost, stolen, sold (and you forgot to wipe) and so on. If you get hacked, they'll end up seeing everything, it's another major attack point. Yeah great it's stored on your device, but people and companies get broken open all the time, malicious orgs will have a real party with your data. There's plenty of other times people may end up with access to your device to think about, I'm not going to list them all of course.

You can hear Microsoft CEO Satya Nadella speak about it to The Wall Street Journal, skip to 3:23:

YouTube Thumbnail
YouTube videos require cookies, you must accept their cookies to view. View cookie preferences.
Accept Cookies & Show   Direct Link

No thanks. I'll pass, forever. I never want this. It feels creepy and gross.

The UK's Information Commissioner's Office (ICO) is already looking into it. No doubt others will be too. A privacy nightmare for everyone.

If you wish to try Linux, I can recommend Kubuntu which is my daily-driver.

Article taken from GamingOnLinux.com.
21 Likes
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly checked on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly.
See more from me
80 comments
Page: «3/4»
  Go to:

LoudTechie May 23
Quoting: pleasereadthemanual
Quoting: LoudTechieWhat mcirosoft didn't disclose with their TPM requirement is that breaking bitlocker of the TPM they required at first(hardware based) is so easy that a teacher suggested it as a project in my first year of embedded software engineering. This is the relevant trick..
Doesn't work for fTPM, but that only got allowed when it turned out that gamers with game pcs can be very loud.
Huh. That's pretty interesting. I guess the real professionals might have a suitcase full of these pogo pin sniffers for common laptop models, ready to disassemble the laptop at a moment's notice.

My desktop computer from 2017 has fTPM. Let me check if my Dell business laptop from 2022, which came with Windows 11, has fTPM.

<Rebooting>...

Edit:I have no clue. It doesn't tell me in the BIOS whether I have a fTPM, it just has the option to enable Secure Boot.

If you can't enable/disable your TPM in the BIOS you've no fTPM. If you can you do.(f stands for firmware)
EDIT:
This probably means you've hardware TPM for such a modern device.

Rant:
For some reason the advised practice in the security community is that for drm like activities dedicated hardware is most effective, but as far as I've encountered so far this is complete and utter bull.
Nintendo did and does it and failed.
Intel doesn't and succeeds(Intel ME)
By binding it to existing devices changing it is more intermingled with stuff the attacker doesn't want to touch.
Yes giving it more permissions helps, but if you integrate it in the firmware of something important it's harder to take away.

Edit:
Looked it up:
You've both, but the hardware TPM is probably the used one.

Bussiness laptop had TPM before consumer ones, because physical attacks are much more dangerous for owners of laptops who aren't also the user, such as businesses.
I assumed your laptop was new when you got it.


Last edited by LoudTechie on 23 May 2024 at 7:08 pm UTC
LoudTechie May 23
Quoting: wvstolzing... so I take it that plaintext indexing & search already works flawlessly on windows, that they're now expanding their horizons to indexing images, & user actions and the like?

... and that the promised indices won't take up half of the user's boot drive, and perpetually occupy half of their cpu & ram? (which of course they won't because all the processing and storage will be 'in the cloud')

Actually they promised to keep it local(for now), so I hope you've a really large drive, because it'll contain a video of its entire existence.

Edit:
Also they promised to keep it encrypted, so it will take up even more space than a normal video of it existence.


Last edited by LoudTechie on 23 May 2024 at 6:40 pm UTC
Man, Cory Doctorow's word "enshittification" really has turned out to be one of the words of the year, eh?
LoudTechie May 23
[quote=Lofty]
Quoting: LoudTechie
Quoting: Lofty
Quoting: Eike
Quoting: Lofty
QuoteI'm not even what you may call a "privacy nut".

Although this is a common turn of phrase. It's time we removed the association of conspiracy theorist with a human right to privacy.

I agree.

Quoting: LoftyIn the early day's people were far more trusting of technology and saw it as largely altruistic and a benefit to society (which with opensource it still can be) but invariably the usual shadowy forces do their thing and here we are.

[bolding by me]

... but this does sound... conspirational.

Maybe they aren't out in public stood on a box selling you data viewable on a large screen but im perfectly happy to identify groups tucked away in some monolithic corporate box connected to a vast data center sharing deeply personal information about you or your loved ones to the highest bidder as shadowy forces.

To me that is the usual shadowy forces. i couldn't think of a better phrase as my "tin foil" hat is blocking the connection to my neural-link Ai brain feed.

if you cant think of a better turn of phrase then let me know.


Shadowy implies lack of transparency, which has really improved over the years.
The term forces dehumanizes them.
The "shadowy forces" call themselves "data brokers".
I would call them "privacy salesmen/salespeople(reliant on who I'm talking to)".

That having said. I'm not opposed to the term "privacy nut".
I've no issue with being the crazy one and it does get the point across.
Quoting: LoudTechie
Quoting: Lofty
Quoting: Eike
Quoting: Lofty
QuoteI'm not even what you may call a "privacy nut".

Although this is a common turn of phrase. It's time we removed the association of conspiracy theorist with a human right to privacy.

I agree.

Quoting: LoftyIn the early day's people were far more trusting of technology and saw it as largely altruistic and a benefit to society (which with opensource it still can be) but invariably the usual shadowy forces do their thing and here we are.

[bolding by me]

... but this does sound... conspirational.

Maybe they aren't out in public stood on a box selling you data viewable on a large screen but im perfectly happy to identify groups tucked away in some monolithic corporate box connected to a vast data center sharing deeply personal information about you or your loved ones to the highest bidder as shadowy forces.

To me that is the usual shadowy forces. i couldn't think of a better phrase as my "tin foil" hat is blocking the connection to my neural-link Ai brain feed.

if you cant think of a better turn of phrase then let me know.


QuoteShadowy implies lack of transparency, which has really improved over the years.

Has it ? I mean i know there are laws around data protection such as GDPR. At least from a European perspective i could mostly agree. But Microsoft is an American company.
Aha, but to do business in Europe it still has to report who it sells and provides, which data to and to keep it a little scalable they will try to keep these pieces of information the same for europe and the rest of the globe(especially the first time they had to publish this, because making a special "europe" exception takes time) and the same is true for California.
Also thanks to the Snowden leaks the USA government more often publishes(often due to court cases) on the subject. Also there are nowadays more external monitoring methods.
Also the EU thanks to Snowden leaks once in a while get forced to publish parts of its own espionage through court cases.

Quoting: Lofty
QuoteThe term forces dehumanizes them.

Forces implies a large gathering of people committed to the same objective. Are we 'dehumanizing' an invading army by calling them a 'force' ?
Okay here you're just right, my excuses for the mistake.

Quoting: Lofty
QuoteThe "shadowy forces" call themselves "data brokers".
I would call them "privacy salesmen/salespeople(reliant on who I'm talking to)".

'privacy salesmen' should not even be a thing,i would call them immoral shysters. It should not be a job to sell people's private information without consent at the level proposed here.
[quote=Lofty]
Well yeah that's why I prefer the term. It gets the point across without sounding like an accusation of conspiracy beyond normal business transactions.
Quoting: Lofty
QuoteThat having said. I'm not opposed to the term "privacy nut".
I've no issue with being the crazy one and it does get the point across.

So long as it's not used to dehumanize people who care about privacy or minimize the risks involved, hushing people into silence.

Meh, many badges of honor in the past began as a way to dismiss owning up to it is often more effective. The term jesuit was meant to call them traitors, Cavalier was at first meant as an insult, Anarchist started as an insult it, conservative started as an insult.


Last edited by LoudTechie on 23 May 2024 at 6:43 pm UTC
Oh man, I can't wait for the first news articles to break about when Microsoft inevitably stuffs something up in an update and people's embarrassing private session get uploaded and shared far and wide. 🤣 You know that's going to happen eventually.

It's worth noting that not even Windows users are particularly enthused at the idea, as in this article on PCGamer.

Quoting: LoftyAre we 'dehumanizing' an invading army by calling them a 'force' ?
Yes. We call them "enemy forces," not "enemy people." An important facet of war is finding ways to dehumanize the people you're fighting so you/your soldiers don't feel so bad about killing them.
Bumadar May 23
The screenshot made just as you hover over the view password icon to check will be worth gold;)
Pengling May 23
Quoting: PhiladelphusIt's worth noting that not even Windows users are particularly enthused at the idea, as in this article on PCGamer.
I'll be amazed if many will put their money where their mouth is and walk away. It's only gotten as bad as it is now because they never take action about their complaints.
Pyrate May 23
This is so wonderful, it's setting the groundwork for my friends who have started asking me about Linux and it'll develop into them considering, and hopefully even switching to it before October 2025.
tohur May 23
I would trust such a feature if it was opensource.. for instance if a DE on Linux implemented this feature I would use it without batting an eye considering I could just go look at the source code to see what its doing and mostly likely use my OWN ai models to boot.. only way folks gona feel conforble using this from Microsoft is if they opensourced it.. To be frank it should be a LAW features such as this must be opensourced regardless if the OS is or not.


Last edited by tohur on 23 May 2024 at 9:15 pm UTC
LoudTechie May 23
Quoting: tohurI would trust such a feature if it was opensource.. for instance if a DE on Linux implemented this feature I would use it without batting an eye considering I could just go look at the source code to see what its doing and mostly likely use my OWN ai models to boot.. only way folks gona feel conforble using this from Microsoft is if they opensourced it.. To be frank it should be a LAW features such as this must be opensourced regardless if the OS is or not.

I wouldn't
The data is still stored on the computer and made readily accessible.
A malicious actor on my system(this can just be chrome looking for delicious data) can take it and run with it.
Quoting: Pengling
Quoting: PhiladelphusIt's worth noting that not even Windows users are particularly enthused at the idea, as in this article on PCGamer.
I'll be amazed if many will put their money where their mouth is and walk away. It's only gotten as bad as it is now because they never take action about their complaints.
But the situation is not immutable. Linux's share on Steam has been growing, largely thanks to the Steam Deck--but the Linux share on the desktop in general seems to have been growing significantly faster the last year or two; we're apparently up to about 4%. I think something like this could add a couple of percentage points.
Pengling May 23
Quoting: Purple Library GuyBut the situation is not immutable. Linux's share on Steam has been growing, largely thanks to the Steam Deck--but the Linux share on the desktop in general seems to have been growing significantly faster the last year or two; we're apparently up to about 4%. I think something like this could add a couple of percentage points.
Oh, don't get me wrong, I reckon you're right. It's just infuriating to always see people saying "I don't like this!" only to then continue to use the offending products, in spite of the existence of alternatives that will suit a huge amount of people just fine and relieve them of that stress. (Life's too short, why would you put yourself through it?)


Last edited by Pengling on 23 May 2024 at 10:28 pm UTC
tohur May 23
Quoting: LoudTechie
Quoting: tohurI would trust such a feature if it was opensource.. for instance if a DE on Linux implemented this feature I would use it without batting an eye considering I could just go look at the source code to see what its doing and mostly likely use my OWN ai models to boot.. only way folks gona feel conforble using this from Microsoft is if they opensourced it.. To be frank it should be a LAW features such as this must be opensourced regardless if the OS is or not.

I wouldn't
The data is still stored on the computer and made readily accessible.
A malicious actor on my system(this can just be chrome looking for delicious data) can take it and run with it.

And thats on you not the DE. but fact is this is Linux if a DE did implement such a feature 1.) you wouldn't be required to use such a feature. 2 .) it would 99% be a opt in not opt out. 3.) it would most likely be encrypted


Last edited by tohur on 23 May 2024 at 10:35 pm UTC
Quoting: Pengling
Quoting: Purple Library GuyBut the situation is not immutable. Linux's share on Steam has been growing, largely thanks to the Steam Deck--but the Linux share on the desktop in general seems to have been growing significantly faster the last year or two; we're apparently up to about 4%. I think something like this could add a couple of percentage points.
Oh, don't get me wrong, I reckon you're right. It's just infuriating to always see people saying "I don't like this!" only to then continue to use the offending products, in spite of the existence of alternatives that will suit a huge amount of people just fine and relieve them of that stress. (Life's too short, why would you put yourself through it?)
It's like becoming a Canadian. That would go against our freedoms.

I might be misremembering something I heard a long time ago...
Cyril May 24
I really hope, this time, a lot of people will wake up. I don't know what else they'll need if that's not sufficient for them. And I just really know, like some of you sadly, if I speak about that to some of my family's members they'll just think I'm paranoid, more than usual I mean...
Some people I know already use Linux, for some with my help, and I speak about it regularly.
I don't know for you, but whenever people switch to Linux because of me I'm pretty happy, but that's just a drop in the ocean...
It's frightening, a nightmare, and it's worse day after day, I'm losing hope for fuck sake.
pilk May 24
Quoting: pleasereadthemanualI might be misremembering something I heard a long time ago...
lmao I never read the whole Canada tweet until today. That's hilarious.
Yeah, stand up against Microsoft... by making it your mission to continue using their products. Either you keep making an invasive, broken operating system and I keep giving you money, or you 180 where I will give you money. Either way, I will continue to give you money. That's the level of stupidity I come to expect from Mr. Sweeney.


Last edited by pilk on 24 May 2024 at 12:34 am UTC
I don't expect much to change though, people will just go along with it begrudgingly. Or they wont even know about it.
redman May 24
Quoting: Liam Dawe
Quoting: phil995511It is prohibited for an employer to spy on its employees in any way. This type of function is therefore formally prohibited in the professional field.
Depends where you are. Lots of companies in lots of countries already keep tabs on what employees are doing and looking at.

I believe that in all South America when your employee gives you a computer all the content of the computer is property of your employee (At least I know that happens in 8 of 11 countries), the first thing in what I thought is this going to be the panacea of the middle manager and number crunching bosses. Almost all the companies uses Windows, if they don't have a contract as partner, is all the people now how to use (Including IT guys), so deploying this in all machine they will now what are you doing all day, or if you are not doing something for the company all the hours they are paying you.

More troublesome is the public offices that you have to give your information, they will also take screenshot of that ? Make me glad that my country on a very controversial situation some public offices start using Linux to not pay the licenses fees of all the machines, so at least some data will not reach them so easily.
LoudTechie May 24
Quoting: tohur
Quoting: LoudTechie
Quoting: tohurI would trust such a feature if it was opensource.. for instance if a DE on Linux implemented this feature I would use it without batting an eye considering I could just go look at the source code to see what its doing and mostly likely use my OWN ai models to boot.. only way folks gona feel conforble using this from Microsoft is if they opensourced it.. To be frank it should be a LAW features such as this must be opensourced regardless if the OS is or not.

I wouldn't
The data is still stored on the computer and made readily accessible.
A malicious actor on my system(this can just be chrome looking for delicious data) can take it and run with it.

And thats on you not the DE. but fact is this is Linux if a DE did implement such a feature 1.) you wouldn't be required to use such a feature. 2 .) it would 99% be a opt in not opt out. 3.) it would most likely be encrypted

Actually I think encryption wouldn't be a feature if it were open source.
Secret management is important in open source security considerations and the secret would in this case be stored on the same place as the data.
The rest of your points are convincing and yes this's certainly on me.
Lexwak May 24
People always seem to get worked up over nothing, it's as if they're constantly searching for something to worry about. The article discusses the potential consequences if someone were to steal your device and access your personal information. However, if someone gains access to your computer, they could uncover much more than just random screenshots taken out of context. If privacy concerns you, you have the option to disable Recall from saving anything anyway.

It seems like most people are simply going about their day with their Androids or iPhones, casually browsing through Instagram or YouTube, maybe dropping a comment on Reddit or Twitter. But where do we draw the line on privacy? I say, let people choose their tools and determine what they're comfortable sharing without resorting to unnecessary fear tactics.
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon. Plain Donations: PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Login / Register